Information for Law Enforcement

If you're in law enforcement, you need to know about cybercrime and any tools you can download to investigate incidents. We have many resources to help you do just that. Consider these questions and read on.

Read our FAQ to learn more about the CERT Division;watch videos and see other artifacts that summarize our latest research. If you have questions, please feel free to contact us.

How Well Are You Using Network Data to Detect Criminal Activity?

We develop cutting-edge analysis techniques and tools for operational use in high-impact environments so that organizations are better able to defend their networks from potential attacks.

Are Your Networks Secure?

Our researchers develop cutting-edge analysis techniques and tools for operational use in high-impact environments so that organizations are better able to defend their networks from potential attacks.

FloCon ConferencesWe sponsor FloCon, open conferences where operational network analysts, tool developers, researchers, and other parties interested in the analysis of large volumes of traffic showcase the next generation of flow-based analysis techniques. FloCon 2016 takes pace in Daytona Beach, Florida in January 2016.

Are You Using the Latest Investigative Tools and Techniques?

Our experts produce technologies, capabilities, and practices that organizations can use to develop incident response capabilities and facilitate incident investigations.

Forensics Tools
Our tools help you facilitate forensic examinations and assist authorized members of the law enforcement community.

Case StudiesThese case studies detail how we aided the U.S. Secret Service in solving the landmark TJX & Heartland and Iceman cases.

Are You Prosecuting Malicious Insiders Effectively?

Our experts enable insider threat programs to be more effective by performing research, modeling, analysis, and outreach to define socio-technical best practices so that organizations are better able to deter, detect, and respond to evolving insider threats.

Insider Threat Workshops
Our workshops help attendees develop a list of actions to consider as they implement effective insider threat detection across their organization. The confidential, on-site workshops use actual malicious insider incidents that occurred in your organization.

Protect Your Assets

Information Security for Technical Staff
This course teaches you practical techniques for protecting the security of your organization's information assets and resources, beginning with concepts and proceeding on to technical implementations.

Learn to Recognize Secure Code

DidFail
The DidFail tool uses static analysis to detect potential leaks of sensitive information within a set of Android apps.

Rosecheckers Tool
The Rosecheckers tool performs static analysis on C/C++ source files. It is designed to enforce the rules in the CERT C Coding standard.

AIR Security Integer ModelOur researchers are working on a number of solutions for addressing the issue of integral security, including the "as-if infinitely ranged" AIR prototype.

Secure Coding in C and C++
This course provides practical advice on secure practices in C and C++ programming, provides a detailed explanation of common programming errors in C and C++, and describes how these errors can lead to code that is vulnerable to exploitation.

Secure Coding in Java
This four-day course provides a detailed explanation of common programming errors in Java and describes how these errors can lead to code that is vulnerable to exploitation.

Learn More About Forensics

Applied Cybersecurity, Incident Response and Forensics
This five-day, hands-on course is designed to increase the knowledge and skills of technical staff charged with administering and securing information systems and networks. Security topics such as vulnerability assessment, systems administration, network monitoring, incident response, and digital forensics will offer a comprehensive defense-in-depth experience.

Attend a Conference

Our work in network situational awareness develops cutting-edge analysis techniques and tools for operational use in high-impact environments so that organizations are better able to defend their networks from potential attacks. Attend or present at the next FloCon event.